#!/bin/sh
#(c) Barry Kauler, April 2009. GPL v3 licence (refer: /usr/share/doc/legal).
#gui for 'bcrypt' file encrypt/decrypt.
#$1 is normally invoked by clicking on a .bfe file in rox, $1 has full path.
#also supports drag and drop.
#most of this code was written by coolpup, I have just butchered it a bit.
#w482 dogone: password must be 8 chars, logic fixed.
#120201 rodin.s: internationalized.
#120226 01micko: convert to gtkdialog4.
#120323 call pupmessage instead of xmessage.
#131130 zigbert: gui (gtkdialog) improvements.
#140712 SFR: fix special chars in PASSWORD + some other minor improvements

export TEXTDOMAIN=bcrypt_gui
export TEXTDOMAINDIR=/usr/share/locale
export OUTPUT_CHARSET=UTF-8
. gettext.sh
export LANGORG=$LANG

if [ "`which bcrypt`" = "" ];then
 /usr/lib/gtkdialog/box_ok "Bcrypt" error "$(gettext "The 'bcrypt' package must be installed first.")"
 exit
fi

#----------------------------------------------------
bcrypt_help() {
	echo "$(gettext "Bcrypt is a cross-platform file encryption utility which means that encrypted files are portable across all supported operating systems and processors, of which Linux and Win32 are two of them.

It is used for encrypting files, and can be used for secure deletion, which is better than any common file shredder since the deleted file has been encrypted beforehand. It is available from the main menu and from the right-click context menu by default for most of the basic text, image, and audio file types.
 
Passphrases must be between 8 and 56 characters and are hashed internally to a 448 bit key (the largest keysize supported by the blowfish algorithm) regardless of the passphrase size. However, all characters supplied are significant since the stronger your passphrase, the more secure your data will be. WARNING: If you forget the encryption key (passphrase) your file can never be opened again in your lifetime and probably never will.

By default, bcrypt will compress input files before encryption, remove input files after they are processed (assuming they are processed successfully), and overwrite the original input files with random data three times before deleting them in order to prevent data recovery by unauthorized persons.

Encrypted files will be saved with an extension of .bfe. Any files ending in .bfe will be assumed to be encrypted with bcrypt, and so bcrypt will attempt to decrypt them. Any other input files will be encrypted. Bcrypt uses the blowfish encryption algorithm published by Bruce Schneier in 1993.

Pcrypt was created by coolpup for Puppy Linux, February 2009 GPL v3 Licence.

Bcrypt_gui based on Pcrypt, by Barry Kauler, April 2009.

Bcrypt copyright (c) 2002 Johnny Shelley All rights reserved. Licence supplied.")" > /tmp/box_help

	/usr/lib/gtkdialog/box_help "Bcrypt and encryption" &
}
export -f bcrypt_help
#----------------------------------------------------

#if [ ! $1 ];then
 #run from the menu. this section was originally created by 'coolpup', jan. 2009.
 #modified by BK april 2009.
 SOURCEFILE=""
 if [ "$1" ];then
  SOURCEFILE="$1"
  [ ! -f "$SOURCEFILE" ] && exit
 fi
 
 while [ 1 ];do
  if [ "$SOURCEFILE" = "" ];then
   DEFAULT=""
  else
   DEFAULT="<default>${SOURCEFILE}</default>"
  fi

  #main gui
  S='
<window title="Bcrypt - '$(gettext 'File encryption')'" icon-name="gtk-file">
<vbox space-expand="true" space-fill="true">
  '"`/usr/lib/gtkdialog/xml_info scale "file_lock.svg" 60 "$(gettext 'Bcrypt is a utility to encrypt or decrypt a file')" "$(gettext 'Drag the file you want to <b>encrypt or decrypt</b> into the field or use the browse-button.')" "<b><span color='"'red'"'>$MSG2</span></b>"`"' 
  <frame>
    <vbox space-expand="false" space-fill="false">
      <hbox>
        <text space-expand="false" space-fill="false"><label>"'$(gettext 'File to encrypt / decrypt')' "</label></text>
        <text space-expand="true" space-fill="true"><label>""</label></text>
      </hbox>
      <hbox>
        <entry accept="file" fs-title="Bcrypt">
          '${DEFAULT}'
          <variable>SOURCEFILE</variable>
        </entry>
        <button>
          '"`/usr/lib/gtkdialog/xml_button-icon open`"'
          <action type="fileselect">SOURCEFILE</action>
        </button>
      </hbox>
      <hbox>
        <checkbox>
          <variable>KEEPINPUTFILE</variable>
          <label>"'$(gettext "Do NOT remove input file after processing")'"</label>
        </checkbox>
      </hbox>
      <text><label>""</label></text>
      <hbox>
        <text><label>"'$(gettext 'Enter password')' "</label></text>
        <entry width-request="200" space-expand="false" space-fill="false">
           <visible>password</visible>
           <variable>PASSWORD1</variable>
        </entry>
      </hbox>
      <hbox>
        <text><label>"'$(gettext 'Reenter password')' "</label></text>
        <entry width-request="200" space-expand="false" space-fill="false">
          <visible>password</visible>
          <variable>PASSWORD2</variable>
          <action signal="activate">exit:OK</action>
        </entry>
      </hbox>
      <text height-request="5"><label>""</label></text>
    </vbox>
  </frame>
  <hbox space-expand="false" space-fill="false"> 
    <hbox space-expand="false" space-fill="false"> 
      <button>
        <label>'$(gettext "Help")'</label>
        '"`/usr/lib/gtkdialog/xml_button-icon help`"'
        <action>bcrypt_help</action>
      </button>
    </hbox>
    <text space-expand="true" space-fill="true"><label>""</label></text>
    <button space-expand="false" space-fill="false">
      <label>'$(gettext "Cancel")'</label>
      '"`/usr/lib/gtkdialog/xml_button-icon cancel`"'
      <action>exit:CANCEL</action>
    </button>
    <button space-expand="false" space-fill="false">
      <label>'$(gettext "Ok")'</label>
      '"`/usr/lib/gtkdialog/xml_button-icon ok`"'
      <action>exit:OK</action>
    </button>
    '"`/usr/lib/gtkdialog/xml_scalegrip`"'
  </hbox>
</vbox>
</window>'
  export Bcrypt="$S"
  
  . /usr/lib/gtkdialog/xml_info gtk #build bg_pixmap for gtk-theme

  I=$IFS; IFS='
'
  for RETVAL in `gtkdialog -p Bcrypt`; do
    if [[ "$RETVAL" == "PASSWORD1"* ]]; then
      PASSWORD1="`echo $RETVAL | cut -f2- -d '"' | rev | cut -f2- -d '"' | rev`"
    elif [[ "$RETVAL" == "PASSWORD2"* ]]; then
      PASSWORD2="`echo $RETVAL | cut -f2- -d '"' | rev | cut -f2- -d '"' | rev`"
    else
      eval "$RETVAL"
    fi
  done
  IFS=$I

  [ "$EXIT" != "OK" ] && break
  [ "$PASSWORD1" = "" ] && break
  [ "$PASSWORD2" = "" ] && break
  [ "$SOURCEFILE" = "" ] && break
  [ ! -f "$SOURCEFILE" ] && break
  [ "$KEEPINPUTFILE" = "true" ] && BOPTS='-r' || BOPTS=''
  BYTES1=`echo -n "$PASSWORD1" | wc -c`
  if [ $BYTES1 -lt 8 ];then #w482 dogone advised, change from -le.
   MSG2="$(gettext 'Password needs to be at least 8 characters!')"
   continue
  fi
  if [ "$PASSWORD1" != "$PASSWORD2" ];then
   MSG2="$(gettext 'The password entries do not match!')"
   continue
  fi
  
  DIRNAME="`dirname "$SOURCEFILE"`"
  BASENAME="`basename "$SOURCEFILE"`"
  cd "$DIRNAME"
  if [ "`echo "$BASENAME" | grep '\.bfe$'`" != "" ];then
   echo "$PASSWORD1" | bcrypt $BOPTS "$BASENAME" 2>/tmp/bcrypt_error
  else
   echo "$PASSWORD1
$PASSWORD2" | bcrypt $BOPTS "$BASENAME" 2>/tmp/bcrypt_error
  fi
  if [ $? -ne 0 ];then
   MSG2="`cat /tmp/bcrypt_error | tail -n 1`"
   continue
  fi
  
  break
 done

 exit
#fi

###END###
